Traps 4.2: Install, Configure and Manage (EDU-281)

Palo Alto Networks® Traps™ Advanced Endpoint Protection prevents sophisticated vulnerability exploits and unknown malware-driven attacks. Successful completion of this course helps prepare students to install on-premise Traps in basic configurations.
Course Objectives
Students will learn how Traps protects against exploits and malware-driven attacks. In hands-on lab exercises, students will install and configure the Endpoint Security Manager (ESM) and Traps endpoint components, build rules, enable and disable process protections, and integrate Traps with Palo Alto Networks WildFire®, which provides protection from known and unknown malware.
Target Audience
Security Engineers, System Administrators, and Technical Support Engineers
Students must have Windows system administration skills and familiarity with enterprise security concepts.
Show details
Course Outline
Module 1: Traps Overview
  • How sophisticated attacks work today
  • The design approach of Traps
  • Traps components and resources
Module 2: Installing Traps
  • Planning the installation
  • Installing the ESM Server and Console
  • Installing Windows and macOS agents
  • Managing content updates
  • Upgrading Traps
Module 3: Malicious Software Overview
  • Basics of computer architecture
  • Exploitation techniques and their prevention
  • Malware techniques and their prevention
Module 4: Consoles Overview
  • Introduction to the ESM Console
  • Introduction to the Traps Agent Console
Module 5: Traps Protection Against Exploits
  • Architecture and EPMs
  • Configuring exploit protection
Module 6: Traps Protection Against Malware
  • Malware protection process flow and components
  • Post-detection malware analysis
Module 7: Prevention Event Exceptions
  • Prevention events
  • Post-Detection events
  • EPM events
Module 8: Managing Traps
  • System monitoring
  • Traps license administration
  • Agent license administration
  • Server settings, users, and roles
Module 9: Traps Forensics
  • Forensics workflow and policies
  • Responding to prevention events
  • Logging
Module 10: Basic Traps Troubleshooting
  • Working with the technical support
  • Troubleshooting installation, connectivity, and upgrades